[PATCH v10 1/4] pem: make endp setting smarter

[PATCH v10 1/4] pem: make endp setting smarter

[James Prestwood]

[-- Attachment #1: Type: text/plain, Size: 786 bytes --]

Always doing eol + 1 could result in endp pointing past the bounds
of the PEM if the PEM does not have a final newline. Now we check
that we aren't going past the bounds of the buffer before setting
endp, and if we are just set endp to eol.
---
 ell/pem.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/ell/pem.c b/ell/pem.c
index d8f57ed..9da2071 100644
--- a/ell/pem.c
+++ b/ell/pem.c
@@ -164,8 +164,12 @@ const char *pem_next(const void *buf, size_t buf_len, char **type_label,
 			if (base64_len)
 				*base64_len = buf_ptr - base64_data;
 
-			if (endp)
-				*endp = eol + 1;
+			if (endp) {
+				if (eol == buf + buf_len)
+					*endp = eol;
+				else
+					*endp = eol + 1;
+			}
 
 			return base64_data;
 		}
-- 
2.17.1

[PATCH v10 2/4] settings: introduce extended groups concept

[James Prestwood]

[-- Attachment #1: Type: text/plain, Size: 10564 bytes --]

This patch introduces a new extended format for settings files. This new
format allows raw data to be provided under a given group rather than
key/value pairs. A group using an extended format will contain both the
extended type and group name in the format, for example:

[@pem(a)certificate]

Where 'pem' is the type and 'certificate' is the name. The type of
format requires an extension specific parser implementation in settings
as the parser must know when to start/stop parsing data. This allows for
any textual characters to be present after the group is declared,
including special characters like [] (its completely up to the parser to
decide whats valid and what is not).

Three new l_settings APIs were added:

l_settings_has_embedded_group
l_settings_get_embedded_groups
l_settings_get_embedded_value

In this patch, the 'pem' extension type is also introduced, and for now
is the only extended type. The pem extended type expects a base64 encoded
PEM (or list of PEMs) after the group. The pem parser will stop after the
last PEM is found. Examples can be found in unit/test-settings.c
---
 ell/ell.sym    |   3 +
 ell/settings.c | 261 ++++++++++++++++++++++++++++++++++++++++++++++++-
 ell/settings.h |   7 ++
 3 files changed, 268 insertions(+), 3 deletions(-)

-v10:
 * Fixed writing to file logic

diff --git a/ell/ell.sym b/ell/ell.sym
index e02f0fe..32d94f5 100644
--- a/ell/ell.sym
+++ b/ell/ell.sym
@@ -425,6 +425,9 @@ global:
 	l_settings_set_float;
 	l_settings_remove_group;
 	l_settings_remove_key;
+	l_settings_has_embedded_group;
+	l_settings_get_embedded_groups;
+	l_settings_get_embedded_value;
 	/* signal */
 	l_signal_create;
 	l_signal_remove;
diff --git a/ell/settings.c b/ell/settings.c
index 98f0cfd..c5e1184 100644
--- a/ell/settings.c
+++ b/ell/settings.c
@@ -48,12 +48,20 @@
 #include "settings.h"
 #include "private.h"
 #include "missing.h"
+#include "pem-private.h"
 
 struct setting_data {
 	char *key;
 	char *value;
 };
 
+struct embedded_group_data {
+	char *name;
+	char type[32];
+	size_t len;
+	char data[0];
+};
+
 struct group_data {
 	char *name;
 	struct l_queue *settings;
@@ -64,6 +72,7 @@ struct l_settings {
 	l_settings_destroy_cb_t debug_destroy;
 	void *debug_data;
 	struct l_queue *groups;
+	struct l_queue *embedded_groups;
 };
 
 static void setting_destroy(void *data)
@@ -86,12 +95,21 @@ static void group_destroy(void *data)
 	l_free(group);
 }
 
+static void embedded_group_destroy(void *data)
+{
+	struct embedded_group_data *group = data;
+
+	l_free(group->name);
+	l_free(group);
+}
+
 LIB_EXPORT struct l_settings *l_settings_new(void)
 {
 	struct l_settings *settings;
 
 	settings = l_new(struct l_settings, 1);
 	settings->groups = l_queue_new();
+	settings->embedded_groups = l_queue_new();
 
 	return settings;
 }
@@ -105,6 +123,7 @@ LIB_EXPORT void l_settings_free(struct l_settings *settings)
 		settings->debug_destroy(settings->debug_data);
 
 	l_queue_destroy(settings->groups, group_destroy);
+	l_queue_destroy(settings->embedded_groups, embedded_group_destroy);
 
 	l_free(settings);
 }
@@ -222,6 +241,140 @@ static char *escape_value(const char *value)
 	return ret;
 }
 
+static ssize_t parse_pem(const char *data, size_t len)
+{
+	const char *ptr;
+	const char *end;
+	size_t count = 0;
+
+	ptr = data;
+	end = data + len;
+
+	while (ptr && ptr < end) {
+		const char *pem_start = ptr;
+
+		if (!pem_next(ptr, len, NULL, NULL, &ptr, true)) {
+			if (ptr)
+				return -EINVAL;
+
+			break;
+		}
+
+		len -= ptr - pem_start;
+		count += ptr - pem_start;
+	}
+
+	return count;
+}
+
+struct group_extension {
+	char *name;
+	ssize_t (*parse)(const char *data, size_t len);
+};
+
+static const struct group_extension pem_extension = {
+	.name = "pem",
+	.parse = parse_pem,
+};
+
+static const struct group_extension *extensions[] = {
+	&pem_extension,
+	NULL
+};
+
+static const struct group_extension *find_group_extension(const char *type,
+								size_t len)
+{
+	unsigned int i;
+
+	for (i = 0; extensions[i]; i++) {
+		if (!strncmp(type, extensions[i]->name, len))
+			return extensions[i];
+	}
+
+	return NULL;
+}
+
+static ssize_t parse_embedded_group(struct l_settings *setting,
+					const char *data,
+					size_t line_len, size_t len,
+					size_t line)
+{
+	struct embedded_group_data *group;
+	const struct group_extension *ext;
+	const char *ptr;
+	const char *type;
+	size_t type_len;
+	const char *name;
+	size_t name_len;
+	ssize_t bytes;
+
+	/* Must be at least [@a(a)b] */
+	if (line_len < 6)
+		goto invalid_group;
+
+	/* caller checked data[1] == '@', next char is type */
+	type = data + 2;
+
+	ptr = memchr(type, '@', line_len - 2);
+
+	type_len = ptr - type;
+
+	if (!ptr || type_len > 31 || type_len < 1)
+		goto invalid_group;
+
+	if (ptr + 1 > data + line_len)
+		goto invalid_group;
+
+	name = ptr + 1;
+
+	/* subtract [@@ + type */
+	ptr = memchr(name, ']', line_len - 3 - type_len);
+
+	name_len = ptr - name;
+
+	if (!ptr || name_len < 1)
+		goto invalid_group;
+
+	ext = find_group_extension(type, type_len);
+	if (!ext)
+		goto invalid_group;
+
+	if (ptr + 2 > data + len) {
+		l_util_debug(setting->debug_handler, setting->debug_data,
+				"Embedded group had no payload");
+		return -EINVAL;
+	}
+
+	bytes = ext->parse(ptr + 2, len - line_len);
+	if (bytes < 0) {
+		l_util_debug(setting->debug_handler, setting->debug_data,
+				"Failed to parse embedded group data");
+		return -EINVAL;
+	}
+
+	group = l_malloc(sizeof(struct embedded_group_data) + bytes + 1);
+
+	group->name = l_strndup(name, name_len);
+
+	memcpy(group->type, type, type_len);
+	group->type[type_len] = '\0';
+
+	group->len = bytes;
+	memcpy(group->data, ptr + 2, bytes);
+	group->data[bytes] = '\0';
+
+	l_queue_push_tail(setting->embedded_groups, group);
+
+	return bytes;
+
+invalid_group:
+	l_util_debug(setting->debug_handler, setting->debug_data,
+			"Invalid embedded group at line %zd", line);
+
+	return -EINVAL;
+}
+
 static bool parse_group(struct l_settings *settings, const char *data,
 			size_t len, size_t line)
 {
@@ -404,7 +557,21 @@ LIB_EXPORT bool l_settings_load_from_data(struct l_settings *settings,
 
 		line_len = eol - data - pos;
 
-		if (data[pos] == '[') {
+		if (line_len > 1 && data[pos] == '[' && data[pos + 1] == '@') {
+			ssize_t ret;
+
+			ret = parse_embedded_group(settings, data + pos,
+							line_len, len - pos,
+							line);
+			if (ret < 0)
+				return false;
+
+			/*
+			 * This is the offset for the actual raw data, the
+			 * group line will be offset below
+			 */
+			pos += ret;
+		} else if (data[pos] == '[') {
 			r = parse_group(settings, data + pos, line_len, line);
 			if (r)
 				has_group = true;
@@ -437,11 +604,12 @@ LIB_EXPORT char *l_settings_to_data(const struct l_settings *settings,
 	group_entry = l_queue_get_entries(settings->groups);
 	while (group_entry) {
 		struct group_data *group = group_entry->data;
-		const struct l_queue_entry *setting_entry =
-				l_queue_get_entries(group->settings);
+		const struct l_queue_entry *setting_entry;
 
 		l_string_append_printf(buf, "[%s]\n", group->name);
 
+		setting_entry = l_queue_get_entries(group->settings);
+
 		while (setting_entry) {
 			struct setting_data *setting = setting_entry->data;
 
@@ -456,6 +624,24 @@ LIB_EXPORT char *l_settings_to_data(const struct l_settings *settings,
 		group_entry = group_entry->next;
 	}
 
+	group_entry = l_queue_get_entries(settings->embedded_groups);
+
+	if (group_entry && l_queue_length(settings->groups) > 0)
+		l_string_append_c(buf, '\n');
+
+	while (group_entry) {
+		struct embedded_group_data *group = group_entry->data;
+
+		l_string_append_printf(buf, "[@%s@%s]\n%s",
+					group->type,
+					group->name,
+					group->data);
+		if (group_entry->next)
+			l_string_append_c(buf, '\n');
+
+		group_entry = group_entry->next;
+	}
+
 	ret = l_string_unwrap(buf);
 
 	if (len)
@@ -1176,3 +1362,72 @@ LIB_EXPORT bool l_settings_remove_key(struct l_settings *settings,
 
 	return true;
 }
+
+static void gather_embedded_groups(void *data, void *user_data)
+{
+	struct embedded_group_data *group_data = data;
+	struct gather_data *gather = user_data;
+
+	gather->v[gather->cur++] = l_strdup(group_data->name);
+}
+
+LIB_EXPORT char **l_settings_get_embedded_groups(struct l_settings *settings)
+{
+	char **ret;
+	struct gather_data gather;
+
+	if (unlikely(!settings))
+		return NULL;
+
+	ret = l_new(char *, l_queue_length(settings->groups) + 1);
+	gather.v = ret;
+	gather.cur = 0;
+
+	l_queue_foreach(settings->embedded_groups, gather_embedded_groups,
+				&gather);
+
+	return ret;
+}
+
+static bool embedded_group_match(const void *a, const void *b)
+{
+	const struct embedded_group_data *group = a;
+	const char *name = b;
+
+	return !strcmp(group->name, name);
+}
+
+LIB_EXPORT bool l_settings_has_embedded_group(struct l_settings *settings,
+						const char *group)
+{
+	struct embedded_group_data *group_data;
+
+	if (unlikely(!settings))
+		return false;
+
+	group_data = l_queue_find(settings->embedded_groups,
+					embedded_group_match, group);
+
+	return group_data != NULL;
+}
+
+LIB_EXPORT const char *l_settings_get_embedded_value(
+						struct l_settings *settings,
+						const char *group_name,
+						const char **out_type)
+{
+	struct embedded_group_data *group;
+
+	if (unlikely(!settings))
+		return false;
+
+	group = l_queue_find(settings->embedded_groups,
+					embedded_group_match, group_name);
+	if (!group)
+		return NULL;
+
+	if (out_type)
+		*out_type = group->type;
+
+	return group->data;
+}
diff --git a/ell/settings.h b/ell/settings.h
index 0da9f55..e4203af 100644
--- a/ell/settings.h
+++ b/ell/settings.h
@@ -123,6 +123,13 @@ bool l_settings_remove_key(struct l_settings *settings, const char *group_name,
 				const char *key);
 bool l_settings_remove_group(struct l_settings *settings,
 				const char *group_name);
+
+char **l_settings_get_embedded_groups(struct l_settings *settings);
+bool l_settings_has_embedded_group(struct l_settings *settings,
+					const char *group);
+const char *l_settings_get_embedded_value(struct l_settings *settings,
+						const char *group_name,
+						const char **out_type);
 #ifdef __cplusplus
 }
 #endif
-- 
2.17.1

[PATCH v10 3/4] unit/test-settings: add pem extended type tests

[James Prestwood]

[-- Attachment #1: Type: text/plain, Size: 15458 bytes --]

---
 unit/settings.test   |  28 +++++
 unit/test-settings.c | 243 ++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 269 insertions(+), 2 deletions(-)

diff --git a/unit/settings.test b/unit/settings.test
index 3884f7d..5f2d4f8 100644
--- a/unit/settings.test
+++ b/unit/settings.test
@@ -20,3 +20,31 @@ StringList=Foo,Bar,Baz
 StringListEmpty=
 StringListOne=FooBarBaz
 StringWithSpaces=Bar B Q
+
+[@pem(a)certificate]
+-----BEGIN CERTIFICATE-----
+MIIEajCCA1KgAwIBAgIUKIOXQXEyHZsOFw/+ihDBNGTQnWUwDQYJKoZIhvcNAQEL
+BQAweDE1MDMGA1UECgwsSW50ZXJuYXRpb25hbCBVbmlvbiBvZiBFeGFtcGxlIE9y
+Z2FuaXphdGlvbnMxHzAdBgNVBAMMFkNlcnRpZmljYXRlIGlzc3VlciBndXkxHjAc
+BgkqhkiG9w0BCQEWD2NhQG1haWwuZXhhbXBsZTAeFw0xOTA5MTYxNzEyNThaFw00
+NzAyMDExNzEyNThaMHgxNTAzBgNVBAoMLEludGVybmF0aW9uYWwgVW5pb24gb2Yg
+RXhhbXBsZSBPcmdhbml6YXRpb25zMR8wHQYDVQQDDBZDZXJ0aWZpY2F0ZSBpc3N1
+ZXIgZ3V5MR4wHAYJKoZIhvcNAQkBFg9jYUBtYWlsLmV4YW1wbGUwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjovj3aq26sAQ0k5vD/BVp40p0lhz1+Wet
+1EcdQa1arVIca9nhfvoHfJAmK+zzqQLbvI0/e2if4X6OKf41g7w7VaYS9qv5jZZ0
+v/7aL6PUa2F7C9HG/vuIII/dRvP2uQ43PLxeTeZyj7bBUB9xCFCpzB+7AZuUuH0H
+ABaC9CAGZWImBY5NUXST7E/BsvqU80KJglDovcabthvwoekji9DC/wwISLE1e9cO
+A9IB0Co0mA1ME6wzrawmuTzxUw9BsmEhbKhFGBRwIrrq0r4GvDmeMFiZjXv+I0vq
+wSCyRtgoeBmyemqIEgiN4Z23V7ps3dbYF/tw96Zj7rd5gtjY9VSdAgMBAAGjgesw
+gegwDwYDVR0TBAgwBgEB/wIBADAdBgNVHQ4EFgQUnvllvvxy17VqqR0FfgS4NwzX
+jScwgbUGA1UdIwSBrTCBqoAUnvllvvxy17VqqR0FfgS4NwzXjSehfKR6MHgxNTAz
+BgNVBAoMLEludGVybmF0aW9uYWwgVW5pb24gb2YgRXhhbXBsZSBPcmdhbml6YXRp
+b25zMR8wHQYDVQQDDBZDZXJ0aWZpY2F0ZSBpc3N1ZXIgZ3V5MR4wHAYJKoZIhvcN
+AQkBFg9jYUBtYWlsLmV4YW1wbGWCFCiDl0FxMh2bDhcP/ooQwTRk0J1lMA0GCSqG
+SIb3DQEBCwUAA4IBAQBROAyWfQyKXQ007U6ctgihHbg/lsfEEfeNPG+QRVt8/e53
+4fH6scuY9bW7CZQSdiBo178ITHrIOo2CuFMa0ysnW3V1M9/s0dUYjBHYdpTEEQ+d
+tgm1uRLiTsYeBtueRItEmZU6JjgmvAH8i1UqI0e5iYlfnovPmftpqIwRH7k7A9kS
+SehC9QkkrnIttDEoeYTGhLOJu1Fx2cwAodce6VNgz/k1zIXY5Tprg440zrCwc+th
+MpX48F31ggg8Wd5N6Xg1nricGwL8K90ts6xvwF1WwKsg6BeYdyC0eYBqQ41MA/7P
+DK3OGM6cC5tbQGWaIT0Q407GJBGpaijDicA2YqlK
+-----END CERTIFICATE-----
diff --git a/unit/test-settings.c b/unit/test-settings.c
index 4d4fb68..fa3a533 100644
--- a/unit/test-settings.c
+++ b/unit/test-settings.c
@@ -30,6 +30,120 @@
 
 #include <ell/ell.h>
 
+#define TEST_CERTIFICATE \
+	"-----BEGIN CERTIFICATE-----\n" \
+	"MIIEajCCA1KgAwIBAgIUKIOXQXEyHZsOFw/+ihDBNGTQnWUwDQYJKoZIhvcNAQEL\n" \
+	"BQAweDE1MDMGA1UECgwsSW50ZXJuYXRpb25hbCBVbmlvbiBvZiBFeGFtcGxlIE9y\n" \
+	"Z2FuaXphdGlvbnMxHzAdBgNVBAMMFkNlcnRpZmljYXRlIGlzc3VlciBndXkxHjAc\n" \
+	"BgkqhkiG9w0BCQEWD2NhQG1haWwuZXhhbXBsZTAeFw0xOTA5MTYxNzEyNThaFw00\n" \
+	"NzAyMDExNzEyNThaMHgxNTAzBgNVBAoMLEludGVybmF0aW9uYWwgVW5pb24gb2Yg\n" \
+	"RXhhbXBsZSBPcmdhbml6YXRpb25zMR8wHQYDVQQDDBZDZXJ0aWZpY2F0ZSBpc3N1\n" \
+	"ZXIgZ3V5MR4wHAYJKoZIhvcNAQkBFg9jYUBtYWlsLmV4YW1wbGUwggEiMA0GCSqG\n" \
+	"SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjovj3aq26sAQ0k5vD/BVp40p0lhz1+Wet\n" \
+	"1EcdQa1arVIca9nhfvoHfJAmK+zzqQLbvI0/e2if4X6OKf41g7w7VaYS9qv5jZZ0\n" \
+	"v/7aL6PUa2F7C9HG/vuIII/dRvP2uQ43PLxeTeZyj7bBUB9xCFCpzB+7AZuUuH0H\n" \
+	"ABaC9CAGZWImBY5NUXST7E/BsvqU80KJglDovcabthvwoekji9DC/wwISLE1e9cO\n" \
+	"A9IB0Co0mA1ME6wzrawmuTzxUw9BsmEhbKhFGBRwIrrq0r4GvDmeMFiZjXv+I0vq\n" \
+	"wSCyRtgoeBmyemqIEgiN4Z23V7ps3dbYF/tw96Zj7rd5gtjY9VSdAgMBAAGjgesw\n" \
+	"gegwDwYDVR0TBAgwBgEB/wIBADAdBgNVHQ4EFgQUnvllvvxy17VqqR0FfgS4NwzX\n" \
+	"jScwgbUGA1UdIwSBrTCBqoAUnvllvvxy17VqqR0FfgS4NwzXjSehfKR6MHgxNTAz\n" \
+	"BgNVBAoMLEludGVybmF0aW9uYWwgVW5pb24gb2YgRXhhbXBsZSBPcmdhbml6YXRp\n" \
+	"b25zMR8wHQYDVQQDDBZDZXJ0aWZpY2F0ZSBpc3N1ZXIgZ3V5MR4wHAYJKoZIhvcN\n" \
+	"AQkBFg9jYUBtYWlsLmV4YW1wbGWCFCiDl0FxMh2bDhcP/ooQwTRk0J1lMA0GCSqG\n" \
+	"SIb3DQEBCwUAA4IBAQBROAyWfQyKXQ007U6ctgihHbg/lsfEEfeNPG+QRVt8/e53\n" \
+	"4fH6scuY9bW7CZQSdiBo178ITHrIOo2CuFMa0ysnW3V1M9/s0dUYjBHYdpTEEQ+d\n" \
+	"tgm1uRLiTsYeBtueRItEmZU6JjgmvAH8i1UqI0e5iYlfnovPmftpqIwRH7k7A9kS\n" \
+	"SehC9QkkrnIttDEoeYTGhLOJu1Fx2cwAodce6VNgz/k1zIXY5Tprg440zrCwc+th\n" \
+	"MpX48F31ggg8Wd5N6Xg1nricGwL8K90ts6xvwF1WwKsg6BeYdyC0eYBqQ41MA/7P\n" \
+	"DK3OGM6cC5tbQGWaIT0Q407GJBGpaijDicA2YqlK\n" \
+	"-----END CERTIFICATE-----\n"
+
+#define TEST_CERT_LIST \
+	"-----BEGIN CERTIFICATE-----\n" \
+	"MIIEXDCCA0SgAwIBAgIJALjNE85c9plgMA0GCSqGSIb3DQEBCwUAMHgxNTAzBgNV\n" \
+	"BAoMLEludGVybmF0aW9uYWwgVW5pb24gb2YgRXhhbXBsZSBPcmdhbml6YXRpb25z\n" \
+	"MR8wHQYDVQQDDBZDZXJ0aWZpY2F0ZSBpc3N1ZXIgZ3V5MR4wHAYJKoZIhvcNAQkB\n" \
+	"Fg9jYUBtYWlsLmV4YW1wbGUwHhcNMTkwOTE2MTcxMzAzWhcNNDcwMjAxMTcxMzAz\n" \
+	"WjB4MTUwMwYDVQQKDCxJbnRlcm5hdGlvbmFsIFVuaW9uIG9mIEV4YW1wbGUgT3Jn\n" \
+	"YW5pemF0aW9uczEfMB0GA1UEAwwWQ2VydGlmaWNhdGUgaXNzdWVyIGd1eTEeMBwG\n" \
+	"CSqGSIb3DQEJARYPY2FAbWFpbC5leGFtcGxlMIIBIjANBgkqhkiG9w0BAQEFAAOC\n" \
+	"AQ8AMIIBCgKCAQEA7Lft5O6BtUUokuueQ7mBQVzRzPeH0Nl3NjgGnfBYcz7O2Jca\n" \
+	"rFSBPsV76reUG4QFQudsdwyaLOpniFFSFaI3GRXMxjwZJJjLqvT0aebTiLUSKseA\n" \
+	"QkP/NSITmIljs2yclnPJGIApLuFvykPagx+yc9ckbziEz1PvKB/ukbiU/zt6QCru\n" \
+	"BbyCQ1kWBuyrS3RC0/UgmrSbL7YkkmuD2B1vyZLIoPsJijXs2GJQY3a+zpLemTth\n" \
+	"i/Vw4AURJS1gfEUDNzf9Y9+o7vWJfzk+g7xm1XpMTsNTd7q6UwHOi1xdiKCEPT+q\n" \
+	"c3LXi7qgWqSXeD+F513PM3JMJ3Wk1H8K4VwJwQIDAQABo4HoMIHlMAwGA1UdEwQF\n" \
+	"MAMBAf8wHQYDVR0OBBYEFMuhnjqw8YGMg0cyYlQppMncWis/MIG1BgNVHSMEga0w\n" \
+	"gaqAFJ75Zb78cte1aqkdBX4EuDcM140noXykejB4MTUwMwYDVQQKDCxJbnRlcm5h\n" \
+	"dGlvbmFsIFVuaW9uIG9mIEV4YW1wbGUgT3JnYW5pemF0aW9uczEfMB0GA1UEAwwW\n" \
+	"Q2VydGlmaWNhdGUgaXNzdWVyIGd1eTEeMBwGCSqGSIb3DQEJARYPY2FAbWFpbC5l\n" \
+	"eGFtcGxlghQog5dBcTIdmw4XD/6KEME0ZNCdZTANBgkqhkiG9w0BAQsFAAOCAQEA\n" \
+	"PjX5n/fgkskZmh9aRhX8r9985JtxMdgogJP4uwRbfuQPzAqYyu9QlAOcRl6tNGN7\n" \
+	"mztB5RfJ9HDyjS9iGXsvKXS8wT5ELbuATev+C1Ppxakd3gvJMN4ZqYn32JqRYigN\n" \
+	"L2V2jo9RzVUuFa3YP6sw0KfZAfHsfUmQCxAm8HAfQg98aYyIXu/OzeVUsAuhfqWN\n" \
+	"qvWcOLjTQTn6t10OHHdIYw59EpIEOPD3Opq7pLgIm+EV3eVMWthSLYbEhIavh8Pc\n" \
+	"xN9lqCg887kTawbXbXd49Z8jYZxjxQl7IoonvIyrPhhabKjKCpE2bRFzzpia0PkC\n" \
+	"fRgh+KB2tqIeAoekDllmbA==\n" \
+	"-----END CERTIFICATE-----\n" \
+	"-----BEGIN CERTIFICATE-----\n" \
+	"MIIEajCCA1KgAwIBAgIUKIOXQXEyHZsOFw/+ihDBNGTQnWUwDQYJKoZIhvcNAQEL\n" \
+	"BQAweDE1MDMGA1UECgwsSW50ZXJuYXRpb25hbCBVbmlvbiBvZiBFeGFtcGxlIE9y\n" \
+	"Z2FuaXphdGlvbnMxHzAdBgNVBAMMFkNlcnRpZmljYXRlIGlzc3VlciBndXkxHjAc\n" \
+	"BgkqhkiG9w0BCQEWD2NhQG1haWwuZXhhbXBsZTAeFw0xOTA5MTYxNzEyNThaFw00\n" \
+	"NzAyMDExNzEyNThaMHgxNTAzBgNVBAoMLEludGVybmF0aW9uYWwgVW5pb24gb2Yg\n" \
+	"RXhhbXBsZSBPcmdhbml6YXRpb25zMR8wHQYDVQQDDBZDZXJ0aWZpY2F0ZSBpc3N1\n" \
+	"ZXIgZ3V5MR4wHAYJKoZIhvcNAQkBFg9jYUBtYWlsLmV4YW1wbGUwggEiMA0GCSqG\n" \
+	"SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjovj3aq26sAQ0k5vD/BVp40p0lhz1+Wet\n" \
+	"1EcdQa1arVIca9nhfvoHfJAmK+zzqQLbvI0/e2if4X6OKf41g7w7VaYS9qv5jZZ0\n" \
+	"v/7aL6PUa2F7C9HG/vuIII/dRvP2uQ43PLxeTeZyj7bBUB9xCFCpzB+7AZuUuH0H\n" \
+	"ABaC9CAGZWImBY5NUXST7E/BsvqU80KJglDovcabthvwoekji9DC/wwISLE1e9cO\n" \
+	"A9IB0Co0mA1ME6wzrawmuTzxUw9BsmEhbKhFGBRwIrrq0r4GvDmeMFiZjXv+I0vq\n" \
+	"wSCyRtgoeBmyemqIEgiN4Z23V7ps3dbYF/tw96Zj7rd5gtjY9VSdAgMBAAGjgesw\n" \
+	"gegwDwYDVR0TBAgwBgEB/wIBADAdBgNVHQ4EFgQUnvllvvxy17VqqR0FfgS4NwzX\n" \
+	"jScwgbUGA1UdIwSBrTCBqoAUnvllvvxy17VqqR0FfgS4NwzXjSehfKR6MHgxNTAz\n" \
+	"BgNVBAoMLEludGVybmF0aW9uYWwgVW5pb24gb2YgRXhhbXBsZSBPcmdhbml6YXRp\n" \
+	"b25zMR8wHQYDVQQDDBZDZXJ0aWZpY2F0ZSBpc3N1ZXIgZ3V5MR4wHAYJKoZIhvcN\n" \
+	"AQkBFg9jYUBtYWlsLmV4YW1wbGWCFCiDl0FxMh2bDhcP/ooQwTRk0J1lMA0GCSqG\n" \
+	"SIb3DQEBCwUAA4IBAQBROAyWfQyKXQ007U6ctgihHbg/lsfEEfeNPG+QRVt8/e53\n" \
+	"4fH6scuY9bW7CZQSdiBo178ITHrIOo2CuFMa0ysnW3V1M9/s0dUYjBHYdpTEEQ+d\n" \
+	"tgm1uRLiTsYeBtueRItEmZU6JjgmvAH8i1UqI0e5iYlfnovPmftpqIwRH7k7A9kS\n" \
+	"SehC9QkkrnIttDEoeYTGhLOJu1Fx2cwAodce6VNgz/k1zIXY5Tprg440zrCwc+th\n" \
+	"MpX48F31ggg8Wd5N6Xg1nricGwL8K90ts6xvwF1WwKsg6BeYdyC0eYBqQ41MA/7P\n" \
+	"DK3OGM6cC5tbQGWaIT0Q407GJBGpaijDicA2YqlK\n" \
+	"-----END CERTIFICATE-----\n"
+
+#define TEST_PRIV_KEY \
+	"-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \
+	"MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIvjkVXsNnUUgCAggA\n" \
+	"MAwGCCqGSIb3DQILBQAwHQYJYIZIAWUDBAEqBBAQfXcH4tJZzrKM0bmpXyQWBIIE\n" \
+	"0FwZdv9kfXAZVbPIC2UZLpAqrFqxaaxPMA7FxZrS2sI7QmkXEIfO5TkR8IupYigh\n" \
+	"s/41jv7V5Mij1syrSodfiYDq3Y0gb9tF9Cb0FNoJwJ9f29X/h1GgnG5NPQBQEH4d\n" \
+	"zkqCA8Q8tzh8UTGXLcPwKYSmsAK9Rq739qre5qwHY0+hcoCtUfrev4twFUSC/PUj\n" \
+	"oJDFUxQyVt+WCjcuOG+ugWZSENJJe2O8pAqmt7ChuNKGZTe0UEFn/pxgAAgQYfaz\n" \
+	"lH/Nx7OQBSVqxdVkFr03/j8eeBy/SzZubirThd0aehwsQTw5/M9rSX8p2ldyjUWF\n" \
+	"Fb+UjXFFWdOs21rZtO0LcbdZlIVK94mswI4zo+Vv3f7DsAZPgW+Y36UJbzZNtxRl\n" \
+	"C8t97KH3NozGZIq0znC3CmdYk3EsIlMasp1vgyIpjnsyZcCVtCqbl2+PORv4gZyA\n" \
+	"9/PMNDNGambIERa4WCLc+Sx5lTryK6wNzQXCMigrpB7yaD+s2CA4OxvdU99iMQzD\n" \
+	"9/7cRvEQn/qFhcdTpz3wt97Gs51A+IleJbj9l/50sEsfQmcLVlUM3VbKtozUkaV1\n" \
+	"+5/O15HtMQp0jsjwTlz1AzW5eanPIGoFzLiHKfauzrO5L3i5I2G9GGeCtbUV0+Ts\n" \
+	"CTwT2kCUnypaNl4D5qdtxe3h+78uW3Yz0f5t4Yw/RlYVSJQZ7irdi3QTgDEEBrpL\n" \
+	"pOXTd8nRNxZ+zJZ5ifnBB0Ed+cMxmyKcliVnVLSV0KseNn3tKZwmRUtMBiPqKUD1\n" \
+	"qh8KskfJ0ye8jdcWIubP/gvDh5OgkSz1OdDZKH/RmkktUWCJoyXOMxIz+7GH9u3n\n" \
+	"n9Z6uAteNTefTJyawA3dwlGvRhySAI2nMl2Aj0g+6/ztpUUjXVx09oxZqh9Bn9k4\n" \
+	"t+gKaf4osH51QcKFs8J2YcYCwEYilzRAUwyw65Bo/k4myNXA5t2xSWfQIYRY+Yob\n" \
+	"pmbhOfDMLY1spEVHQ49hXvKE99eP5dyA0CmwZw2gkbXCYBEE1IPthJGYxO4zZdrq\n" \
+	"AYZq22L+09o0899pnD+p/eDTwKaFenjHVqO71khXurF6q7EPz9m4SkphDSNe/9Tc\n" \
+	"O11yMrQE9OUBTTd3zYuN8KuZpj2aW2p5/Z7pqCYJTDwlV/+HRmS/8aJ/sgHfYXpS\n" \
+	"Wpl/SHav6qI7fE5BlKwOwWE6O+vf0Nm9AMsbMErXTFdXe5dAin/uNuFyJM3bTHVO\n" \
+	"SR/R7/zsNoMJwsgogGMSiFbG1ebcSTgMNHKMFS8RvCBNX44fErW2r0bfNjHU4GgO\n" \
+	"KJFukksz/6tNfpIi9lU0Xojc7W8CJVdA9RTx8+LClM5nwFQlqyfIrtEXUK5BM+Vz\n" \
+	"2OI8DlMTpp0+JbSAdE3z1i8cEDFmbfaJ2pNX/1M0JPfcZmZsJiMtNC5Fn6MFBQME\n" \
+	"Fu1MyJuUr+maOqPLb6c4aYa7gVWpiRwwK8nTe1FofKeEY7mi7PyNJI7pARIDmoD4\n" \
+	"d5yFZ9Itg/5/XK7GfuRdve1m5/YGpV+u3HWqDnk/xBJ5FhyF9aIPzROYhXkRkVZz\n" \
+	"rn7DSN3XL2XXtUMle9++kRNmjB8h9GGn4ljunjs9YJBVTb1Y9C9vH1xLh2hknL4M\n" \
+	"h+XY4w5Os5FZNEkIQd/0gLUwgQRK5+j3aetp085GutPR\n" \
+	"-----END ENCRYPTED PRIVATE KEY-----\n"
+
 static const char *data1 = "[Foobar]\n#Comment\n#Comment2\nKey=Value\n"
 		"IntegerA=2147483647\nIntegerB=-2147483648\n"
 		"IntegerC=4294967295\nIntegerD=9223372036854775807\n"
@@ -45,7 +159,9 @@ static const char *data1 = "[Foobar]\n#Comment\n#Comment2\nKey=Value\n"
 		"StringList=Foo,Bar,Baz\n"
 		"StringListEmpty=\n"
 		"StringListOne=FooBarBaz\n"
-		"StringWithSpaces=Bar B Q\n";
+		"StringWithSpaces=Bar B Q\n\n"
+		"[@pem(a)certificate]\n"
+		TEST_CERTIFICATE;
 
 static const char *data2 = "[Group1]\nKey=Value\n"
 			"IntegerA=2147483647\nIntegerB=-2147483648\n"
@@ -60,7 +176,11 @@ static const char *data2 = "[Group1]\nKey=Value\n"
 			"StringList=Foo,Bar,Baz\n"
 			"StringListEmpty=\n"
 			"StringListOne=FooBarBaz\n\n"
-			"[Group2]\nKey=Value\n";
+			"[Group2]\nKey=Value\n\n"
+			"[@pem(a)example]\n"
+			"-----BEGIN CERTIFICATE-----\n"
+			"MIIEajCCA1KgAwIBAgoZIhvcNAQEL\n"
+			"-----END CERTIFICATE-----\n";
 
 static void settings_debug(const char *str, void *userdata)
 {
@@ -141,6 +261,14 @@ static void test_settings(struct l_settings *settings)
 	strv = l_settings_get_groups(settings);
 	assert(strv);
 	assert(!strcmp(strv[0], "Foobar"));
+	assert(!l_settings_has_embedded_group(settings, strv[0]));
+	assert(!strv[1]);
+	l_strfreev(strv);
+
+	strv = l_settings_get_embedded_groups(settings);
+	assert(strv);
+	assert(!strcmp(strv[0], "certificate"));
+	assert(l_settings_has_embedded_group(settings, "certificate"));
 	assert(!strv[1]);
 	l_strfreev(strv);
 
@@ -160,6 +288,114 @@ static void test_settings(struct l_settings *settings)
 	assert(!l_settings_has_group(settings, "Foobar"));
 }
 
+static void test_valid_extended_group(const void *test_data)
+{
+	const char *raw_data =
+			"[normal]\n"
+			"key=value\n"
+			"[@pem(a)single_cert]\n"
+			TEST_CERTIFICATE
+			"[next_group]\n"
+			"another_key=another_value\n"
+			"[@pem(a)two_certs]\n"
+			TEST_CERT_LIST
+			"\n"
+			"[group_after_list]\n"
+			"key=value\n\n\n\n"
+			"[@pem(a)priv_key]\n"
+			TEST_PRIV_KEY
+			"\n\n\n\n";
+	struct l_settings *settings = l_settings_new();
+	const char *certificate = TEST_CERTIFICATE;
+	const char *two_certs = TEST_CERT_LIST;
+	const char *priv_key = TEST_PRIV_KEY;
+	const char *test_cert;
+	const char *out_type;
+
+	assert(l_settings_load_from_data(settings, raw_data, strlen(raw_data)));
+
+	assert(l_settings_has_group(settings, "normal"));
+	assert(l_settings_has_group(settings, "next_group"));
+	assert(!l_settings_get_value(settings, "single_cert", "value"));
+
+	assert(l_settings_has_embedded_group(settings, "single_cert"));
+	test_cert = l_settings_get_embedded_value(settings, "single_cert", &out_type);
+	assert(test_cert);
+	assert(!strcmp(test_cert, certificate));
+
+	assert(l_settings_has_embedded_group(settings, "two_certs"));
+	test_cert = l_settings_get_embedded_value(settings, "two_certs", &out_type);
+	assert(!strcmp(test_cert, two_certs));
+
+	assert(l_settings_has_embedded_group(settings, "priv_key"));
+	test_cert = l_settings_get_embedded_value(settings, "priv_key", &out_type);
+	assert(!strcmp(test_cert, priv_key));
+
+	l_settings_free(settings);
+}
+
+static void test_invalid_extended_group(const void *test_data)
+{
+	int i = 0;
+	const char *invalid_data[] = {
+			/* Unterminated PEM */
+			"[normal]\n"
+			"key=value\n"
+			"[@pem(a)unterminated_pem]\n"
+			"-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
+			"MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhki",
+			/* Invalid ext type */
+			"[normal]\n"
+			"key=value\n"
+			"[@invalid(a)name]\n"
+			"-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
+			"-----END ENCRYPTED PRIVATE KEY-----\n",
+			/* Valid ext type, invalid name */
+			"[normal]\n"
+			"key=value\n"
+			"[@pem@]\n"
+			"-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
+			"-----END ENCRYPTED PRIVATE KEY-----\n",
+			/* Invalid ext type */
+			"[normal]\n"
+			"key=value\n"
+			"[@@some_name]\n"
+			"-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
+			"-----END ENCRYPTED PRIVATE KEY-----\n",
+			/* second PEM invalid */
+			"[normal]\n"
+			"key=value\n"
+			"[@pem(a)two_pems]\n"
+			"-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
+			"MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhki\n"
+			"-----END ENCRYPTED PRIVATE KEY-----\n"
+			"-----BEGIN \n",
+			/* end boundary only */
+			"[normal]\n"
+			"key=value\n"
+			"[@pem(a)two_pems]\n"
+			"-----END ENCRYPTED PRIVATE KEY-----\n",
+			/* No terminating newline */
+			"[normal]\n"
+			"key=value\n"
+			"[@pem(a)certs]\n"
+			"-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
+			"MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhki\n"
+			"-----END ENCRYPTED PRIVATE KEY-----",
+			NULL
+	};
+
+	struct l_settings *settings = l_settings_new();
+
+	while (invalid_data[i]) {
+		assert(!l_settings_load_from_data(settings, invalid_data[i],
+						strlen(invalid_data[i])));
+		i++;
+	}
+
+	l_settings_free(settings);
+}
+
 static void test_load_from_data(const void *test_data)
 {
 	struct l_settings *settings;
@@ -319,6 +555,9 @@ int main(int argc, char *argv[])
 	l_test_add("Export to Data 1", test_to_data, data2);
 	l_test_add("Invalid Data 1", test_invalid_data, no_group_data);
 	l_test_add("Invalid Data 2", test_invalid_data, key_before_group_data);
+	l_test_add("Test valid ext group", test_valid_extended_group, NULL);
+	l_test_add("Test invalid ext group", test_invalid_extended_group, NULL);
+
 
 	return l_test_run();
 }
-- 
2.17.1

[PATCH v10 4/4] unit: fix memory leak in test-pem

[James Prestwood]

[-- Attachment #1: Type: text/plain, Size: 709 bytes --]

---
 unit/test-pem.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

-v10:
 * Removed NULL check for label, this is not needed

diff --git a/unit/test-pem.c b/unit/test-pem.c
index 6a927fc..d39003e 100644
--- a/unit/test-pem.c
+++ b/unit/test-pem.c
@@ -226,7 +226,7 @@ static void test_pem(const void *data)
 {
 	const struct pem_test *test = data;
 	uint8_t *decoded;
-	char *label;
+	char *label = NULL;
 	size_t decoded_size;
 
 	decoded = l_pem_load_buffer((const uint8_t *) test->input,
@@ -234,6 +234,7 @@ static void test_pem(const void *data)
 					&label, &decoded_size);
 
 	if (!test->valid) {
+		l_free(label);
 		assert(!decoded);
 		return;
 	}
-- 
2.17.1

Re: [PATCH v10 1/4] pem: make endp setting smarter

[Denis Kenzior]

[-- Attachment #1: Type: text/plain, Size: 446 bytes --]

Hi James,

On 10/4/19 2:51 PM, James Prestwood wrote:
> Always doing eol + 1 could result in endp pointing past the bounds
> of the PEM if the PEM does not have a final newline. Now we check
> that we aren't going past the bounds of the buffer before setting
> endp, and if we are just set endp to eol.
> ---
>   ell/pem.c | 8 ++++++--
>   1 file changed, 6 insertions(+), 2 deletions(-)
> 

All applied, thanks.

Regards,
-Denis